fix(Resources): propagate ARM nested error details in deployment validation#29445
Merged
VeryEarly merged 2 commits intoApr 28, 2026
Conversation
…dation When New-AzDeployment fails validation with MultipleErrorsOccurred, the actual inner error details (e.g. KeyVaultParameterReferenceSecretRetrieveFailed) were silently dropped. HandleError was using ex.InnerException (the .NET exception chain) as the ARM Details payload, instead of cloudEx.Body.Details which holds the true ARM sub-errors from the HTTP response body. Changes: - Rewrote HandleError to use pattern matching for CloudException and map cloudEx.Body?.Details via new ConvertCloudErrorToErrorResponse helper - Added private static ConvertCloudErrorToErrorResponse that recursively converts IList<CloudError> to IList<ErrorResponse> - Added regression test ValidateDeployment_WhenCloudExceptionHasNestedDetails_PropagatesInnerErrors Fixes Azure#28308 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
| Thanks for your contribution! The pull request validation has started. Please revisit this comment for updated status. |
Contributor
|
Thank you for your contribution @jeffreybulanadi! We will review the pull request and get back to you soon. |
Contributor
There was a problem hiding this comment.
Pull request overview
Fixes New-AzDeployment validation error handling in the Resources module so ARM nested error details from deployment validation responses are preserved and surfaced to users (addressing #28308).
Changes:
- Updated
NewResourceManagerSdkClient.HandleErrorto map ARM nested errors fromCloudException.Body.Detailsvia a recursive converter. - Added a regression unit test covering
MultipleErrorsOccurredwith nesteddetails. - Added an Upcoming Release entry in
src/Resources/Resources/ChangeLog.md.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
src/Resources/ResourceManager/SdkClient/NewResourceManagerSdkClient.cs |
Converts CloudException.Body.Details into ErrorResponse.Details to preserve nested ARM errors during deployment validation. |
src/Resources/Resources.Test/Models.ResourceGroups/ResourceClientTests.cs |
Adds a regression test ensuring nested ARM validation errors are propagated into TemplateValidationInfo. |
src/Resources/Resources/ChangeLog.md |
Documents the user-visible fix for nested ARM validation errors not being shown. |
- Add fallback to cloudEx.Message when CloudException body has no message - Add fallback to HandleError(ex.InnerException) when ARM body has no details, so CloudException cases without a deserialized ARM body remain actionable - Expand ARM acronym in ChangeLog to 'ARM (Azure Resource Manager)' on first use Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Collaborator
|
/azp run |
Contributor
|
Azure Pipelines successfully started running 3 pipeline(s). |
VeryEarly
approved these changes
Apr 28, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Fixes #28308
When
New-AzDeploymentfails validation withMultipleErrorsOccurred, the actual inner error details (e.g.KeyVaultParameterReferenceSecretRetrieveFailed) were silently dropped. TheHandleErrormethod was usingex.InnerException(the .NET exception chain) as the ARM Details payload instead ofcloudEx.Body.Details, which holds the true ARM sub-errors from the HTTP response body.Root Cause
In
NewResourceManagerSdkClient.HandleError(Exception ex), when aCloudExceptionis caught, the original code calledHandleError(ex.InnerException)to populate theDetailsfield. However,CloudException.InnerExceptionis a low-level HTTP exception, not the ARM nested errors. The ARM nested errors live incloudEx.Body.Detailsand were never mapped, soDisplayInnerDetailErrorMessagewas never reached.Changes
HandleErrorto use pattern matching forCloudExceptionand mapcloudEx.Body?.Detailsthrough a newConvertCloudErrorToErrorResponsehelperprivate static ConvertCloudErrorToErrorResponsethat recursively convertsIList<CloudError>toIList<ErrorResponse>, preserving the full nested hierarchyValidateDeployment_WhenCloudExceptionHasNestedDetails_PropagatesInnerErrorsBefore vs After
Before: Only the top-level vague error was shown:
After: All nested errors are surfaced:
Testing
All 15
ResourceClientTestspass with 0 regressions.Checklist